Posted
by
timothy
on Thursday April 19, 2012 @05:58PM
from the arrogance-of-power-button dept.

sunbird writes "At 16:00 ET on April 18, federal agents seized a server located in a New York colocation facility shared by May First / People Link and Riseup.net. The server was operated by the European Counter Network ("ECN"), the oldest independent internet service provider in Europe. The server was seized as a part of the investigation into bomb threats sent via the Mixmaster anonymous remailer received by the University of Pittsburgh that were previously discussed on Slashdot. As a result of the seizure, hundreds of unrelated people and organizations have been disrupted."

More importantly: Unless the server operator was a total dofus, this brings them exactly zero steps towards resolving their problem, because this is exactly the kind of attack that Mixmasters was designed to withstand.

Idiots. Is nobody teaching these fools basics about the stuff they encounter?

Anyone else think this is more believable as a denial of service attack, or as a pretext for taking down a troublesome server they couldn't legally seize by any other means, than as an actual threat?

Unless the person sending them was stupid enough to think that a remailer would protect them from ever being caught, and didn't care that it was going to mean taking down the whole service for everyone else using it..

Have you ever done data forensics? The first thing you learn is that it's not the same data if it's not on the original storage medium.

Of course, what they SHOULD be able to do is shut the server down, clone the drive, pull the drive that has the warrant, and drop in the cloned drive. Of course, this requires cooperation with the victim, which obviously wasn't available in this case.

To put it another way: they weren't after the hardware OR the data, they were after the incriminating evidence. Data by itself is hearsay (no way to prove beyond a shadow of a doubt that it was preserved in the same state and context).

The University of Pittsburgh (which is down the street from where I work) has gotten multiple bomb threats per day every day for weeks now.

Many students have been driven out of their dorms, to live off campus, because the evacuations were too disruptive. The campus police are no doubt way over budget. Classes are disrupted to the point where folks on academic probation were told this semester "doesn't count".

At this moment, as I type this, two buildings have evacuation notices. Earlier today, eleven buildings had to be evacuated.

And today was not exceptional.

If you want to follow this yourselves, evacuation notices go out over the @PittTweet twitter account.

Now, I'm not trying to say "knocking every anonymous remailer off the internet is justified". Please don't assume I think that. I'm just pointing out that this very much isn't a case of "the occasional bomb threat". It's basically a full-on ongoing multi-day denial-of-service attack on the Pitt police, Pittsburgh police, and a bunch of the university, happening in meatspace.

Who needs legislation when the Pres has Executive Orders and legal council that will parse those orders 10 ways cubed to justify, if not make it look like the very definition of the "American Ideal" when, in fact, he's shitting on the Constitution? Remember "water boarding"? Was there any legislation for that? How about "extraordinary rendition"? "Free speech zones"?

My hosting is up for renewal next month and I am already looking to move out of the US for security even though I do not think that I am doing anything of interest to them, I do not know what else is being done at my provider. It is not just bad guys that get taken down, everyone using that service suffered. I do not want to suffer when the jackboots arrive. I want somewhere safe and stable like Switzerland. I am sure that someone will post a reply quoting a bad incident in Switzerland but we could fill several pages with bad incidents in the US.